Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Windows › Microsoft to patch messed up patch next week
New Posts  All Forums:Forum Nav:

Microsoft to patch messed up patch next week

post #1 of 7
Thread Starter 
I posted Something on thsi not too long ago about a new path conflicting With Software and Hp computers.Looks like Microsoft has Realised they messed up.

Quote:
SOFTWARE FIRM Microsoft will release a patch next week for users who discovered the last security patch it introduced caused trouble and strife for some users.
Rest Below:

http://www.theinquirer.net/?article=31170
post #2 of 7
Wish I could get away with that in my profession--oooh sorry your door only opens one out of three times Mr. Smith--here let us try again and again and again....one of the reasons I run dual boot with Linux lol...
Shop Dog
(13 items)
 
 
CPUMotherboardGraphicsRAM
E8400 Asus Blitz Formula SE HD3870X2 G Skill 2 x 2GB DDR2 800 
Hard DriveOptical DriveOSMonitor
Velociraptor 150GB LG DVD Burner Vista Ultimate 64 AOC 21.5" LED 1080p 
KeyboardPowerCaseMouse
Deck Legend Silverstone 750 Modular OverClock Edition Lian Li V1100 Logitech Trackball 
Mouse Pad
Nope 
  hide details  
Reply
Shop Dog
(13 items)
 
 
CPUMotherboardGraphicsRAM
E8400 Asus Blitz Formula SE HD3870X2 G Skill 2 x 2GB DDR2 800 
Hard DriveOptical DriveOSMonitor
Velociraptor 150GB LG DVD Burner Vista Ultimate 64 AOC 21.5" LED 1080p 
KeyboardPowerCaseMouse
Deck Legend Silverstone 750 Modular OverClock Edition Lian Li V1100 Logitech Trackball 
Mouse Pad
Nope 
  hide details  
Reply
post #3 of 7
Thread Starter 
I would do the same I will next tim Windows Screws up on me which im kind of hoping wont happen too soon.
post #4 of 7
Somehow I doubt MS has time (or desire) to test its patches against every single of the 3+ million applications out there.

I am surprised this doesn't come up more often.

When there are APIs and interfaces used by companies in non-standard ways (for example, using a bug to deploy a feature) and then MS comes along and closes that door... Their stuff breaks.

SO one applicaiton breaks (which impacted a bunch of HP apps) and an AV company mis-identifies a file.

*finger twirl*

Pretty small impact for fixing a security issue.

And if you use KDE, make sure you grab this
Toe Breaker
(17 items)
 
  
CPUMotherboardGraphicsGraphics
AMD FX-8350 Black Edition ASUS Crosshair V Formula-Z AM3+  ASUS R9270X-DC2T-4GD5  ASUS R9270X-DC2T-4GD5  
RAMHard DriveHard DriveOptical Drive
G.SKILL Ripjaws Series  Samsung 840 EVO-Series  Samsung 840 EVO-Series  ASUS 24x DVD-RW  
CoolingCoolingOSMonitor
Cooler Master Hyper 212 EVO  7x Phanteks PH-F140SP  Windows 8.1 ASUS VG248QE (x2) 
KeyboardPowerCaseMouse
Microsoft 4000 EVGA SuperNOVA 750G2 80PLUS  Phantek Enthoo Logitech G500  
  hide details  
Reply
Toe Breaker
(17 items)
 
  
CPUMotherboardGraphicsGraphics
AMD FX-8350 Black Edition ASUS Crosshair V Formula-Z AM3+  ASUS R9270X-DC2T-4GD5  ASUS R9270X-DC2T-4GD5  
RAMHard DriveHard DriveOptical Drive
G.SKILL Ripjaws Series  Samsung 840 EVO-Series  Samsung 840 EVO-Series  ASUS 24x DVD-RW  
CoolingCoolingOSMonitor
Cooler Master Hyper 212 EVO  7x Phanteks PH-F140SP  Windows 8.1 ASUS VG248QE (x2) 
KeyboardPowerCaseMouse
Microsoft 4000 EVGA SuperNOVA 750G2 80PLUS  Phantek Enthoo Logitech G500  
  hide details  
Reply
post #5 of 7
Thread Starter 
Well unfortunately i have noticed this Patch is messing with me now as IE doesnt like me all to much since the update. Owel the Patch for the patch will be out soon
post #6 of 7
Erm. The issue is that certain apps (from HP and Kerio) cause verclsid.exe to stop responding. Verclsid.exe basically verified a COM object before allowing it to be instantiated by IE.

The specific trigger in the case of HP is Hpgs2wnd.exe. In the case of Kerio, it flags when IE calls verclid.exe - which causes it to not respond.

My guess in the case of HP is that it makes a remote call from IE - which is what this patch tries to drop - remote code execution through IE. From the logs I looked at, it almost - for practical purposes - DOS's verclsid.exe (Though it is odd verclsid.exe won't work again until you reboot.) In the case of the firewall app, it is probably seeing IE try to execute an unkown file (because it is new to Windows), also causing it to terminate.

The "fix" is, in the case of HP, for their application to be added to the allowed list for executions or kill their service. In the case of Kerio, they will have to update their software (or you manually add verclsid.exe to the exception list.)

There are probably other 3rd party COM objects or calls that could also cause this. I read a few about Quick View Plus.

Then again, they could just not have anything check COM executions and leave the vulnerability
Toe Breaker
(17 items)
 
  
CPUMotherboardGraphicsGraphics
AMD FX-8350 Black Edition ASUS Crosshair V Formula-Z AM3+  ASUS R9270X-DC2T-4GD5  ASUS R9270X-DC2T-4GD5  
RAMHard DriveHard DriveOptical Drive
G.SKILL Ripjaws Series  Samsung 840 EVO-Series  Samsung 840 EVO-Series  ASUS 24x DVD-RW  
CoolingCoolingOSMonitor
Cooler Master Hyper 212 EVO  7x Phanteks PH-F140SP  Windows 8.1 ASUS VG248QE (x2) 
KeyboardPowerCaseMouse
Microsoft 4000 EVGA SuperNOVA 750G2 80PLUS  Phantek Enthoo Logitech G500  
  hide details  
Reply
Toe Breaker
(17 items)
 
  
CPUMotherboardGraphicsGraphics
AMD FX-8350 Black Edition ASUS Crosshair V Formula-Z AM3+  ASUS R9270X-DC2T-4GD5  ASUS R9270X-DC2T-4GD5  
RAMHard DriveHard DriveOptical Drive
G.SKILL Ripjaws Series  Samsung 840 EVO-Series  Samsung 840 EVO-Series  ASUS 24x DVD-RW  
CoolingCoolingOSMonitor
Cooler Master Hyper 212 EVO  7x Phanteks PH-F140SP  Windows 8.1 ASUS VG248QE (x2) 
KeyboardPowerCaseMouse
Microsoft 4000 EVGA SuperNOVA 750G2 80PLUS  Phantek Enthoo Logitech G500  
  hide details  
Reply
post #7 of 7
Thread Starter 
Quote:
Originally Posted by satansmurf
Erm. The issue is that certain apps (from HP and Kerio) cause verclsid.exe to stop responding. Verclsid.exe basically verified a COM object before allowing it to be instantiated by IE.

The specific trigger in the case of HP is Hpgs2wnd.exe. In the case of Kerio, it flags when IE calls verclid.exe - which causes it to not respond.

My guess in the case of HP is that it makes a remote call from IE - which is what this patch tries to drop - remote code execution through IE. From the logs I looked at, it almost - for practical purposes - DOS's verclsid.exe (Though it is odd verclsid.exe won't work again until you reboot.) In the case of the firewall app, it is probably seeing IE try to execute an unkown file (because it is new to Windows), also causing it to terminate.

The "fix" is, in the case of HP, for their application to be added to the allowed list for executions or kill their service. In the case of Kerio, they will have to update their software (or you manually add verclsid.exe to the exception list.)

There are probably other 3rd party COM objects or calls that could also cause this. I read a few about Quick View Plus.

Then again, they could just not have anything check COM executions and leave the vulnerability
That is the Most likely Explanation to what is the Problem..Microsoft just best sort it out soon as its annoying lol.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Windows
Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Windows › Microsoft to patch messed up patch next week